WIXLIB

Enterprise Mobility ManagementVMware Workspace ONE CloudData security and endpoint compliance with conditional accessTo protect the most sensitive information, Workspace ONE Cloud combines identity and device management toenforce access decisions based on a range of conditions from strength of authentication, network, location, anddevice compliance.FeatureDescriptionConditional access policyenforcement that combinesidentity and mobilitymanagementConditional Access policy enforcement to mobile, web, and Windows appson a per-application basis is configured through Identity Manager to enforceauthentication strength and restrict access by network scope or through anydevice restriction imposed by VMware Unified Endpoint Management (rooteddevices, app blacklist, geolocation and others).Device management andcompliance powered byVMware unified endpointmanagement technologyAutomate device compliance for advanced data leakage protection includingprotection against rooted or jailbroken devices, whitelist and blacklist apps,open-in app restrictions, cut/copy/paste restrictions, geofencing, networkconfiguration and a range of advanced restrictions and policies enforced throughthe VMware policy engine.App and device analyticsRecord application, device and console events to capture detailed information forprovide near real-time visibility system monitoring, and view logs in the console or export pre-defined reports.Near real-time app delivery and automationWorkspace ONE Cloud takes full advantage of the new capabilities of Windows and uses the industry leading VMwareUEM technology to enable desktop administrators to automate application distribution and updates on the fly.FeatureDescriptionRemote configurationmanagement enablesemployees to provisionnew, shrink-wrappeddevices from virtuallyanywhereWorkspace ONE Cloud with VMware configuration eliminates the need for laptopimaging and provides an efficient out-of-the-box experience for employees.Manage configurations based on dynamic smart groups, which consider deviceinformation and user attributes, and update automatically as those change.Automatically connect end users to corporate resources such as Wi-Fi and VPN, andenable highly secure connectivity to backend systems with advanced options forcertificate authentication and per-app VPN.Windows softwaredistribution automatessoftware lifecyclemanagementVMware software distribution enables enterprises to automatically install, update andremove software packages, and also provide scripting and file management tools. Createan automated workflow for software, applications, files, scripts and commands to installon laptops, and configure installation during enrollment or on-demand. You can also setthe package to install based on conditions, including network status or defined schedules,and deploy software updates automatically and notify the user when updates occur.Asset tracking provides asingle view of corporatemanaged devices,wherever they areWorkspace ONE Cloud with VMware enables administrators to remotely monitor andmanage all devices connected to your enterprise. Because VMware is multitenant, youcan manage devices across geographies, business units or other segmentations in asingle console and then define, delegate and manage with role-based access controls.Remote assistancemakes it simple tosupport employeesWorkspace ONE Cloud with VMware Remote Assistance provides support to yourend users with remote assistance and troubleshooting. To gather informationon a device, perform a device query to collect the latest profile list, device info,installed applications and certificates. To assist with troubleshooting, remotelyaccess file system logs and configuration files for diagnosing an issue. Remote viewcommands enable IT administrators to request a user to share a device screen.PRODUCT BRIEF

Enterprise Mobility ManagementVMware Workspace ONE CloudAT&T professional servicesApps(optional but requirwed for ASD support)Basic installation and training*(does not include VMware identity mgr)AT&T will provide implementation services in a VMwarehosted environment with optional integration supportedby an VMware Connector in the Customer’s data centersand initial deployment of an initial pilot set of devices.Apps and IdentityDevicesDesktop MobileAppleGoogleManagementand SecurityMicrosoftBasic plus installation and training *(does not include VMware identity mgr)Basic Plus offer includes all of the features of BasicInstallation and Training plus the configuration ofthe VMware Launcher feature for the setup ofshared Android devices.Premium installation and training servicesfor EMM softwareAT&T will provide implementation services thatinclude installation of the VMware Console, anoptional Connector and either a Secure EmailGateway or PowerShell Integration for emailmanagement and an initial pilot set of devices.Premium plus installation and trainingfor use of EMM softwarePremium Plus Installation and Training Servicesinclude all the features of Premium Installation andTraining, as well as installation of a Mobile AccessGateway for content management or highly securebrowsing, and installation, and configuration.Application Service Desk (ASD)**(AT&T professional services required)Application Service Desk Support Plans are provided by theAT&T Global Mobility Applications and Security (“GMAS”)ASD organization and are available to Customers that havenot previously purchased an EMM Solution from AT&T. Thecomponents of these ASD Plans include the following:Advanced remote administrationservice plan (optional)The Advanced Remote Administration Service Plan isa comprehensive program available that is designedfor organizations that have limited internal supportresources and mobile expertise. AT&T will provide thestaff needed to administer Customer’s EMM platformand provide an EMM consultant to assist Customer.The advanced remote administration service includes: Device managementUser and group managementPolicy management and complianceApplication and content managementActive directory integrationCertificate managementSupport for EMM integration with email**Complex network architecture supportEMM advanced features support* Available for existing VMware AirWatch customers only**AT&T will not provide technical support to end users and will not provide technicalsupport for the applications and/or content that Customer chooses to distribute andwhich are not included in the Solution’s feature list. Technical Support MACD (moves, adds, changes, disconnects)Administration Service OptimizationMonthly recurring charge (“MRC”) subscriptions to allVMware Workspace ONE Cloud editions include alicense plus ASD Support.PRODUCT BRIEF

Enterprise Mobility ManagementVMware Workspace ONE CloudVMware Workspace ONE Cloud Product Brief Important InformationGeneral: Workspace ONE Cloud as described in this product brief (the “Solution”)is available only to eligible customers with a qualified AT&T agreement (“QualifiedAgreement”). The Solution is subject to (a) the terms and conditions found at https://www.vmware.com/download/eula/universal eula.html (“Additional Product Terms”);(b) the Qualified Agreement; and (c) applicable Sales Information. (“Additional ProductTerms”); (b) the Qualified Agreement; and (c) applicable Sales Information. Forgovernment customers, any Additional Product Terms not allowable under applicablelaw will not apply, and the Qualified Agreement will control in the event of any materialconflict between the Qualified Agreement and the Additional Product Terms. Except forgovernment customers, Customer must accept the Additional Product Terms on behalfof its end users. Any service discounts, equipment discounts, and/or other discounts setforth in the Qualified Agreement do not apply to the Solution. The Solution may not beavailable for purchase in all sales channels or in all areas. Additional hardware, software,service and/or network connection may be required to access the Solution. Availability,security, speed, timeliness, accuracy and reliability of service are not guaranteed by AT&T.Requirements; Technical Information: The Solution is available for use with multiplenetwork service providers and its functionality is limited to certain mobile devices andoperating systems. A list of the compatible devices and operating systems is availableby contacting an AT&T Account Executive or visit www.att.com/mdm.* With respect tousers subscribed to AT&T wireless service, activation of an eligible AT&T data plan withshort message service (“SMS”) capabilities is required. With respect to use of the Solutionwith devices subscribed to non-AT&T wireless providers, customer is responsible forensuring that its applicable end users and the Solution complies with all applicable termsof service of such other wireless carrier(s). All associated voice, messaging and datausage will be subject to the applicable rates and terms of such other wireless carrier(s).Refer to applicable wireless carrier(s) for such rates, terms and conditions. The Solution’sadministrative interface is accessed via a Web portal and requires a browser with Internetconnection. AT&T will not provide technical support to end users. AT&T reserves theright to (i) modify or discontinue the Solution in whole or in part and/or (ii) terminatethe Solution at any time without cause. All fees paid for the Solution are non-refundable.A minimum of 20 Solution licenses is required for an initial order. Users may downloadlicensed software onto one (1) device per license. If the license is sold on a per user basis,up to five (5) users may use one license.Use of Solution Outside the U.S.: For government customers, see youraccount representative for additional information regarding use of the Solutionoutside the US. For other customers, see the Country Specific Provisions inthe Solution Service Guide located at http://serviceguidenew. att.com/sgcustomPreviewPDFPage?testid 068C0000001fyNEIAY.Data Privacy: Customer Personal Data may be transferred to or accessible by (i) AT&Tpersonnel around the world; (ii) third parties who act on AT&T’s or AT&T’s supplier’sbehalf as subcontractors; and (iii) third parties (such as courts, law enforcement orregulatory authorities) where required by law. Customer will only provide or makeCustomer Personal Data accessible when Customer has the legal authority to do so andfor which it has obtained the necessary consents from its end users, and will camouflageor securely encrypt customer Personal Data in a manner compatible with the Solution.As used herein, the term Customer Personal Data includes, without limitation, name,phone number, email address, wireless location information or any other information thatidentifies or could reasonably be used to identify customer or its end users. Customeris responsible for providing end users with clear notice of AT&T’s and Customer’scollection and use of Customer Personal Data obtained via the Solution, including, withoutlimitation, end user device location information, and for obtaining end user consent tothat collection and use. Customer may satisfy its notification requirements as to AT&T byadvising end users in writing that AT&T and its suppliers may collect and use CustomerPersonal Data by providing for end user review the relevant links to the product brief orother sales information that describes the Solution and to AT&T’s Privacy Policy at http://www.att.com/gen/privacy-policy?pid 2506.Reservations: AT&T reserves the right to perform work at a remote location or use, inAT&T’s sole discretion, employees, contractors or suppliers located outside the UnitedStates to perform work in connection with or in support of the Solution. Any warrantiesrelated to the Solution that can be passed through under law will be passed throughto Customer by AT&T. For government customers, the following applies to the extentnot in conflict with the Qualified Agreement: (i) ALL SOFTWARE IS PROVIDED BY AT&TTO CUSTOMER ON AN “AS IS” BASIS; (ii) AT&T disclaims all remedies for claims ofinfringement by a third party based upon or arising out of customer’s or end users’ us ofthe Solution, and (iii) Customer’s sole and exclusive remedy for any damages, losses, costsand expenses arising out of or relating to use of the Solution will be termination of service.For all other customers: (i) VMware, not AT&T, is responsible for any such warranty termsand commitments; (ii) ALL SOFTWARE IS PROVIDED BY AT&T TO CUSTOMER ON AN “ASIS” BASIS; (iii) AT&T disclaims all remedies for claims of infringement by a third party basedupon or arising out of customer’s or end users’ us of the Solution; and (iv) Customer’ssole and exclusive remedy for any damages, losses, costs and expenses arising out of orrelating to use of the Solution will be termination of service.VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.comCopyright 2017 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or morepatents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. and its subsidiaries in the United States and other jurisdictions. Allother marks and names mentioned herein may be trademarks of their respective companies. Item No: 43851vmw-ds-id-mgr-dgtl-wkspc1-digital-en-us 7/17Find out more about VMware Workspace ONE Cloud byvisiting: www.att.com/security.Share this withyour peers 2018 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo and other marks are trademarks and service marks of AT&T IntellectualProperty and/or AT&T affiliated companies. All other marks contained herein are the property of their respective owners. The informationcontained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change. 12173-032818PRODUCT BRIEF

Advanced email attachment security reduces data leakage Better secure email and attachments through the use of the VMware Secure Email Gateway that can enforce enterprise encryption, wipe, and "open in" controls keeping attachments more secure Content management app permits line of business to push and manage highly secure content on the device